Fix directory permission flow and filtering#489
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| if (!initialSetupDone) return true | ||
| if (normalizedAllowed.isEmpty()) return false | ||
|
|
||
| val normalizedParent = normalizePath(path) | ||
| return normalizedAllowed.any { normalizedParent.startsWith(it) } |
There was a problem hiding this comment.
The new isPathAllowed uses a raw startsWith on normalized paths, so any parent path that merely shares a prefix with an allowed folder will be treated as authorized. For example, allowing /storage/emulated/0/Music will also admit songs under /storage/emulated/0/MusicVideos/..., bypassing the user’s selection when initialSetupDone is true. The previous DAO filtering required exact directory matches, so this widens access unexpectedly; consider enforcing path-separator boundaries when comparing directories.
Useful? React with 👍 / 👎.
1 participant
Summary
Testing
Codex Task